package com.gxa.ssm340.interceptor;


import com.gxa.ssm340.anno.RequiresPermission;
import com.gxa.ssm340.common.ErrorCode;
import com.gxa.ssm340.entity.pojo.Menu;
import com.gxa.ssm340.entity.vo.AdminMenusVO;
import com.gxa.ssm340.entity.vo.UserCouponVO;
import com.gxa.ssm340.exception.BizException;
import com.gxa.ssm340.service.AdminService;
import com.gxa.ssm340.service.UserCancelService;
import com.gxa.ssm340.uitl.JwtUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.List;


/**
 * @author Lenovo
 */


public class PermissionInterceptor implements HandlerInterceptor {

    @Autowired
    AdminService adminService;
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {

//        System.out.println(o);
//
//        System.out.println(o.getClass());

        // Method method = ((HandlerMethod) o).getMethod();
        // RequiresPermission annotation = method.getAnnotation(RequiresPermission.class);
        // String value = annotation.value();


        // if (! (o instanceof HandlerMethod)){
        //     return true;
        // }
        //返回值为true，拦截器放行 ，执行控制器操作
        //      false 表示拦截器不通过，拦死，控制器将无法调用

        System.out.println("PermissionInterceptor1拦截器开始工作");

        //模拟权限的操作
        //1.获取请求头信息
        String token = request.getHeader("Auth");
        if (StringUtils.isEmpty(token)){
            throw  new BizException(ErrorCode.NULL_TOKEN);
        }

        String phone = JwtUtil.getPhone(token, "phone");
        //2. 请求头中存储的token是否合法
        boolean verify = JwtUtil.verify(token, phone);
        if (!verify){
            throw  new BizException(ErrorCode.VALIED_TOKEN);
        }

        //3. 查询该用户的权限列表
        String requestURI = request.getRequestURI();
        System.out.println(requestURI+"==========================");
        AdminMenusVO menusByphone = adminService.getMenusByphone(phone);
        List<Menu> menus = menusByphone.getMenus();
        for (Menu menu : menus) {
            if(!StringUtils.isEmpty(menu.getMenuUrl()) && requestURI.equals(menu.getMenuUrl())){
                return true;
            }
        }

//        EmplMenuVO menusByPhone = emplService.getMenusByPhone(phone);
//        List<Menu> menuList = menusByPhone.getMenuList();
//        System.out.println();
//        for (Menu menu : menuList) {
//            if (!StringUtils.isEmpty(menu.getMenuUrl()) && requestURI.equals(menu.getMenuUrl()) && value.equals(menu.getMenuName()) ){
//                return true;
//            }
//        }

        throw new BizException(ErrorCode.VALIED_PERMISSION);
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        //处理器操作的后置操作
    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        //处理完成后的必要操作
    }
}
